authordtucker <dtucker@openbsd.org>2008-06-12 00:03:49 +0000
committerdtucker <dtucker@openbsd.org>2008-06-12 00:03:49 +0000
commiteed45aec917baac8f7036aae32fa66d18930e3f9 (patch)
treecc0547b4551c3f4f1e6c1bad5bffdba37cedb800
parentAdd a few comments. (diff)
Do not pass "0" strings as ports to getaddrinfo because the lookups
can slow things down and we never use the service info anyway. bz #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok deraadt@ djm@ djm believes that the reason for the "0" strings is to ensure that it's not possible to call getaddrinfo with both host and port being NULL. In the case of canohost.c host is a local array. In the case of sshconnect.c, it's checked for null immediately before use. In dns.c it ultimately comes from ssh.c:main() and is guaranteed to be non-null but it's not obvious, so I added a warning message in case it is ever passed a null.
-rw-r--r--usr.bin/ssh/canohost.c4
-rw-r--r--usr.bin/ssh/dns.c13
-rw-r--r--usr.bin/ssh/sshconnect.c4
3 files changed, 15 insertions, 6 deletions
diff --git a/usr.bin/ssh/canohost.c b/usr.bin/ssh/canohost.c
index 0a862c1c161..1d4696ddb24 100644
--- a/usr.bin/ssh/canohost.c
+++ b/usr.bin/ssh/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.62 2007/12/27 14:22:08 dtucker Exp $ */
+/* $OpenBSD: canohost.c,v 1.63 2008/06/12 00:03:49 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -81,7 +81,7 @@ get_remote_hostname(int sock, int use_dns)
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_DGRAM; /*dummy*/
hints.ai_flags = AI_NUMERICHOST;
- if (getaddrinfo(name, "0", &hints, &ai) == 0) {
+ if (getaddrinfo(name, NULL, &hints, &ai) == 0) {
logit("Nasty PTR record \"%s\" is set up for %s, ignoring",
name, ntop);
freeaddrinfo(ai);
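Review bot: The reason a NULL service argument is safe at this `getaddrinfo(name, NULL, &hints, &ai)` call is recorded only in the commit message, not in the code. getaddrinfo() fails with EAI_NONAME when both node and service are NULL, so the call now depends on `name` never being NULL. A one-line comment above the call, such as `/* name is a local array and never NULL, so a NULL service is safe */`, would keep that reasoning next to the code. The same applies to the `options.bind_address` call in the sshconnect.c hunk, where the commit message says the NULL check sits just before use, outside the lines shown. get_remote_hostname's body starts and ends outside this hunk.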
diff --git a/usr.bin/ssh/dns.c b/usr.bin/ssh/dns.c
index 57f0f18cbef..cb4858694f9 100644
--- a/usr.bin/ssh/dns.c
+++ b/usr.bin/ssh/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.24 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: dns.c,v 1.25 2008/06/12 00:03:49 dtucker Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -142,11 +142,20 @@ is_numeric_hostname(const char *hostname)
{
struct addrinfo hints, *ai;
+ /*
+ * We shouldn't ever get a null host but if we do then log an error
+ * and return -1 which stops DNS key fingerprint processing.
+ */
+ if (hostname == NULL) {
+ error("is_numeric_hostname called with NULL hostname");
+ return -1;
+ }
+
memset(&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_DGRAM;
hints.ai_flags = AI_NUMERICHOST;
- if (getaddrinfo(hostname, "0", &hints, &ai) == 0) {
+ if (getaddrinfo(hostname, NULL, &hints, &ai) == 0) {
freeaddrinfo(ai);
return -1;
}
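Review bot: The new NULL guard returns -1, the same value the last lines of this hunk return when getaddrinfo() accepts the string as a numeric address. A caller therefore cannot tell a NULL hostname from a numeric one, and the `error()` line is the only trace of it. The behaviour looks deliberate, since the added comment says -1 stops DNS key fingerprint processing, but the comment should state the overlap, for example `* and return -1 (the same value as for a numeric hostname), which stops DNS key fingerprint processing.` How the caller reports that -1 is not visible here, so any "numeric hostname" message it logs could presumably mislead in the NULL case. is_numeric_hostname's body continues past the end of this hunk.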
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 73ab03da31d..6459f7906e6 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.204 2008/06/11 21:01:35 grunk Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.205 2008/06/12 00:03:49 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -208,7 +208,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai)
hints.ai_socktype = ai->ai_socktype;
hints.ai_protocol = ai->ai_protocol;
hints.ai_flags = AI_PASSIVE;
- gaierr = getaddrinfo(options.bind_address, "0", &hints, &res);
+ gaierr = getaddrinfo(options.bind_address, NULL, &hints, &res);
if (gaierr) {
error("getaddrinfo: %s: %s", options.bind_address,
ssh_gai_strerror(gaierr));